Harness cutting-edge technology and the Secureworks Counter Threat Unit™ (CTU™) Research Team to analyze and prioritize global and targeted threats to assist you so you in proactively preventing security attacks.

Call Forwarding Phishing Attack

Wednesday, April 25, 2007By: Don Jackson

Date: April 25, 2007

Author: Don Jackson

SecureWorks discovered a new Phishing scheme this week which uses a "Call Forwarding" component. The victim receives an email from the phisher telling them that their bank needs to verify their phone number immediately. If they do not confirm their phone number their account will be suspended. The instructions are as follows:

If you have confirmed your phone, you can continue the update process:

________________________________________________________________

By calling these phone numbers, the bank customer is actually forwarding their calls to the phisher's number. The calls will continue to be forwarded until the victim notices they are not getting any calls.

After the victim confirms their phone number, they are asked to update their personal info, social security number, bank account number, credit card number, etc.

If the bank customer cooperates, then the phisher has all of the banking and personal information needed to begin making fraudulent transactions on the victim's bank account. If the customer's bank calls them to query an odd transaction during the period that their calls are being forwarded, the phisher will receive the calls and confirm that the fraudulent transaction is legitimate.

This particular phishing scam, shown below, has already been taken down by the hosted ISP. However, SecureWorks does feel that other phishing schemes using similar "Call Forwarding" components will be seen on the Internet. To protect against this phishing scam and others, never provide your financial or personal information to an unknown source via email or the phone.